werkzeug.get_host(environ, trusted_hosts=None)[source]

Return the real host for the given WSGI environment. This first checks the X-Forwarded-Host header, then the normal Host header, and finally the SERVER_NAME environment variable (using the first one it finds).

Optionally it verifies that the host is in a list of trusted hosts. If the host is not in there it will raise a SecurityError.

  • environ – the WSGI environment to get the host of.
  • trusted_hosts – a list of trusted hosts, see host_is_trusted() for more information.